POPForums
Allow option to rely entirely on 3rd-party auth
This probably has to come after #86. The use case is basically to rely on something like Azure AD and auto-provision user accounts.
I have submitted a pull request where I added this feature. I really needed to add IdentityServer4 support but decided to split my change in case someone needs it with the existing external account support.
I have a branch which builds on top of this for IdentityServer4. It is quite a bit more complicated to get the logout feature to work and link back to IS for logout. I also set it up to use the token to get additional user claims which can be used to update the forum account and sync up all changes. All you need to do is override the AutoProvisionAccountService.
In order to override the login and logout actions without modifying PopForums, so it is easier to maintain, I used a redirect in Configure to override the actions.
https://github.com/manuelxmarquez/POPForums/tree/IdentityServer4
There are some things to think through here...
- I wouldn't put the setting in config, but rather settings. In a multi-tenant scenario (i.e., the commercial version), this would be configurable from admin.
- The implementation should be even simpler... instead you can set up an arbitrary OAuth2 provider (for which support already exists), leaving only the need to disable the login boxes and auto provision account creation (with the returned claims) instead of the local account association workflow. More importantly, there's no need to tie it to any specific identity provider like IDS4.
- What is the happy path for a newly created forum? Normally we create a local user for that. What happens if the admin no longer has an account with the identity provider?
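The auto-provisioning flow discussed above (create the local account from the claims an OAuth2 provider returns, instead of running the local account association workflow), as an added example that is not code from this thread or from POPForums. `ForumUser`, `ClaimsAutoProvisioner`, the in-memory store and the issuer URL are hypothetical, and it assumes the authentication handler sets `Claim.Issuer` on the claims it emits.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Claims;

// Hypothetical types for illustration; these are not POPForums classes.
public record ForumUser(int Id, string Issuer, string Subject) { public string Email { get; set; } = ""; }

public class ClaimsAutoProvisioner
{
    private readonly Dictionary<(string, string), ForumUser> _users = new();
    private readonly HashSet<string> _trustedIssuers;

    public ClaimsAutoProvisioner(IEnumerable<string> trustedIssuers) =>
        _trustedIssuers = new HashSet<string>(trustedIssuers, StringComparer.Ordinal);

    // Returns the local account for an externally authenticated principal,
    // creating it on first login and refreshing profile claims on later ones.
    public ForumUser ResolveOrProvision(ClaimsPrincipal principal)
    {
        var id = principal.FindFirst(ClaimTypes.NameIdentifier)
            ?? throw new InvalidOperationException("No subject claim.");
        // Assumption: the authentication handler stamps Claim.Issuer.
        if (!_trustedIssuers.Contains(id.Issuer))
            throw new InvalidOperationException("Untrusted issuer.");
        // Key on (issuer, subject), not email: an address can change or be
        // reassigned, which would attach a login to someone else's account.
        var key = (id.Issuer, id.Value);
        if (!_users.TryGetValue(key, out var user))
            _users[key] = user = new ForumUser(_users.Count + 1, id.Issuer, id.Value);
        user.Email = principal.FindFirst(ClaimTypes.Email)?.Value ?? user.Email;
        return user;
    }
}

public static class Demo
{
    public static void Main()
    {
        const string idp = "https://idp.example"; // constructed issuer
        var svc = new ClaimsAutoProvisioner(new[] { idp });
        ClaimsPrincipal Login(string sub, string email) => new(new ClaimsIdentity(new[]
        {
            new Claim(ClaimTypes.NameIdentifier, sub, ClaimValueTypes.String, idp),
            new Claim(ClaimTypes.Email, email, ClaimValueTypes.String, idp),
        }, "oauth"));
        var first = svc.ResolveOrProvision(Login("abc123", "old@example.com"));
        var again = svc.ResolveOrProvision(Login("abc123", "new@example.com"));
        Console.WriteLine($"same account: {first.Id == again.Id}, email: {again.Email}");
    }
}
```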